The Unseen Threat of HTTP/2 Rapid Reset Attack

How DeltaBlue.Cloud customers are protected against emerging threats.

Introduction

HTTP/2, as many of you already know, represents a significant revision of the HTTP protocol. It’s not just a novelty; it’s the backbone of modern web infrastructure. The likes of Apache, Nginx, and Varnish Cache have seamlessly integrated this protocol, making it a staple in web hosting, SaaS, and cloud services.

Now, let’s dive into the heart of the matter. The HTTP/2 Rapid Reset Attack, referenced as CVE-2023-44487, is like a wolf in sheep’s clothing, hiding behind a minimal resource footprint to launch a massive Denial-of-Service (DoS) assault on unsuspecting websites. Websites lacking the necessary safeguards can find themselves helplessly overwhelmed, their precious server resources depleted.

DeltaBlue Cloud’s Robust Defense

So, what’s the silver lining for those who rely on DeltaBlue Cloud? Our unique architecture acts as an impenetrable shield for every application hosted on our platform. Here’s a glimpse into how we thwart this particular attack vector:

  1. Multipronged Defenses: Every connection to our hosted applications must pass through a series of stringent controls. These controls are designed to fortify the walls of your digital fortress.
  2. HAProxy to the Rescue: One of our standout defenses is built upon the venerable proxy software, HAProxy. It’s not just any HAProxy; it’s a version that’s been ahead of the curve since 2018. HAProxy anticipated the threat posed by the HTTP/2 Rapid Reset Attack, and its safeguards were in place as early as version 1.9. You can read more about this on their blog.
  3. Staying Ahead: We pride ourselves on using the latest and greatest versions of HAProxy. This commitment to excellence ensures that our mitigation strategies against the HTTP/2 Rapid Reset Attack are already operational, keeping your applications secure.

The Power of Partnership: DeltaBlue and Cloudflare

How It Works: DeltaBlue Cloud leverages its partnership with Cloudflare to seamlessly route all incoming traffic through Cloudflare’s extensive network. This not only adds an extra layer of security but also ensures that your applications run at lightning speed.

In a world where digital threats constantly evolve, DeltaBlue Cloud’s approach is unyielding, technical, and security-focused. We understand that in the realm of cybersecurity, staying a step ahead is the only way to stay safe. Our protection against the HTTP/2 Rapid Reset Attack is not just a feature; it’s a testament to our unwavering dedication to your digital security. Rest assured, when it comes to your web applications, we’ve got your back.

Bram Pieters
CTO
